Django: SQL injection via QuerySet.explain(options) on PostgreSQL

A flaw was found in the Django package, leading to a SQL injection. This flaw allows an attacker using a crafted dictionary containing malicious SQL queries to compromise the database completely...